Forum Discussion
Incorrect vulnerability reporting for Foxit Phantom PDF v8
We have a number of PCs with Phantom PDF V8 installed.
ATP is incorrectly reporting lots of vulnerabilities with the latest version 8.3.10.42705.
ATP is reporting that this contains 322 Vulnerabilities. For example, CVE-2018-17615 (ZDI-CAN-6333) is listed, this was patched in Phantom 8.3.8, and Phantom 9.3 https://www.foxitsoftware.com/support/security-bulletins.php
4 Replies
- Tomer Teller
Microsoft
Thank you for reporting this.
Indeed, the fix affected 2 releases 8.3.7.38093 (and earlier) & 9.2.0.9297 (and earlier) and we only covered the latter. This should be fixed in the next 24 hours.
Version 8.3.10.42705 is now showing 230 vulnerabilities. I believe this should be zero.
For example CVE-2018-14442 AKA V-88f4smlocs was fixed in Phantom version 8.3.7 and 9.2.
It would be great to get this fixed!
- Tomer Teller
SteveJ50 The team is going to address all FoxIT security bulletin in our next update. This will solve the issue for all 230 vulnerabilities.
Hi, Is there any update on this? Phantom 8.3.10.42705 is still showing as having 315 vulnerabilities, including the one mentioned in the first post.
